Static task
static1
General
-
Target
f74c9548b5874c55712f2ba32ffe0571
-
Size
746KB
-
MD5
f74c9548b5874c55712f2ba32ffe0571
-
SHA1
19dbaff68d62e448bd0dc78826334fe4968dba4b
-
SHA256
35590365bdc783dca859e9957ac73515ee373c977cd121709dd9f2fb23eee6ca
-
SHA512
03591714459fa0cd4c1e461e6dfb3d3170bc575f1b72c4fd16e90849dc4da194c7c1ae20c95cde491ed5e321366213251a0a324e10b423059eb6195fa7fc62ae
-
SSDEEP
12288:L9UzDxTF8bP3nCeo58uLkCIabjKoh9WX+3A+J+:L9Uvx58OL8uLkCIabjKoh9Wu3n+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
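Checks for missing Authenticode signature. Only a signature embedded in the file is visible to a static check, so a catalog-signed binary would presumably also be reported here; on its own this is a weak indicator.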
resource f74c9548b5874c55712f2ba32ffe0571
Files
-
f74c9548b5874c55712f2ba32ffe0571.sys windows:10 windows x64 arch:x64
a96fa9912e09e361274ad77f1a4b252c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
ntdll
NtSetInformationProcess
RtlSetHeapInformation
NtTerminateProcess
RtlSetUnhandledExceptionFilter
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnhandledExceptionFilter
RtlUnicodeStringToAnsiString
NtTerminateThread
RtlCaptureContext
RtlFreeAnsiString
RtlAllocateHeap
RtlNormalizeProcessParams
isspace
csrsrv
CsrUnhandledExceptionFilter
CsrServerInitialization
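Sections (the raw sizes listed below total roughly 8KB against the 746KB file size reported above; the remaining bytes appear to lie outside the listed sections, e.g. as appended data, and are not characterised by this listing)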
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ